[Zodb-checkins] CVS: ZODB3/ZEO/auth - __init__.py:1.1.2.2 auth_digest.py:1.1.2.3 auth_plaintext.py:1.1.2.2 auth_sha.py:1.1.2.2 hmac.py:1.1.2.2 storage.py:NONE

Johan Dahlin jdahlin at telia.com
Mon May 19 14:46:38 EDT 2003


Update of /cvs-repository/ZODB3/ZEO/auth
In directory cvs.zope.org:/tmp/cvs-serv17295/ZEO/auth

Modified Files:
      Tag: ZODB3-auth-branch
	__init__.py auth_digest.py auth_plaintext.py auth_sha.py 
	hmac.py 
Removed Files:
      Tag: ZODB3-auth-branch
	storage.py 
Log Message:
Merge AuthZEOStorage with ZEOStorage. Don't use __import__(). Introduce register_module() and get_module(). Use hmac.py from python 2.2 (for python 2.1 support)

=== ZODB3/ZEO/auth/__init__.py 1.1.2.1 => 1.1.2.2 ===
--- ZODB3/ZEO/auth/__init__.py:1.1.2.1	Tue Apr 29 16:02:54 2003
+++ ZODB3/ZEO/auth/__init__.py	Mon May 19 13:46:06 2003
@@ -11,3 +11,22 @@
 # FOR A PARTICULAR PURPOSE
 #
 ##############################################################################
+
+from ZEO.auth.database import Database
+
+auth_modules = {}
+
+def get_module(name):
+    if name == 'sha':
+        from auth_sha import StorageClass, Client
+        return StorageClass, Client, Database
+    elif name == 'digest':
+        from auth_digest import StorageClass, Client, DigestDatabase
+        return StorageClass, Client, DigestDatabase
+    else:
+        return auth_modules.get(name)
+
+def register_module(name, storage_class, client, db=Database):
+    if auth_modules.has_key(name):
+        raise TypeError, "%s is already registred" % name
+    auth_modules[name] = storage_class, client, db


=== ZODB3/ZEO/auth/auth_digest.py 1.1.2.2 => 1.1.2.3 ===
--- ZODB3/ZEO/auth/auth_digest.py:1.1.2.2	Thu May 15 09:46:41 2003
+++ ZODB3/ZEO/auth/auth_digest.py	Mon May 19 13:46:06 2003
@@ -40,8 +40,8 @@
 import struct
 import time
 
-from ZEO.auth.storage import AuthZEOStorage
 from ZEO.auth.database import Database
+from ZEO.StorageServer import ZEOStorage
 
 def get_random_bytes(n=8):
     if os.path.exists("/dev/urandom"):
@@ -57,7 +57,6 @@
     return sha.new(s).hexdigest()
 
 class DigestDatabase(Database):
-
     def __init__(self, filename):
         Database.__init__(self, filename)
         
@@ -69,8 +68,7 @@
         dig = hexdigest("%s:%s" % (username, password))
         self._users[username] = dig
 
-class StorageClass(AuthZEOStorage):
-
+class StorageClass(ZEOStorage):
     def set_database(self, database):
         assert isinstance(database, DigestDatabase)
         self.database = database
@@ -122,7 +120,6 @@
         return self.finish_auth(check == response)
 
 class Client:
-
     def __init__(self, stub):
         self.stub = stub
 
@@ -140,6 +137,3 @@
         
         resp_dig = hexdigest("%s:%s" % (h_up, nonce))
         return self.auth_response((username, nonce, resp_dig))
-    
-# StorageServer checks here for DatabaseClass
-DatabaseClass = DigestDatabase


=== ZODB3/ZEO/auth/auth_plaintext.py 1.1.2.1 => 1.1.2.2 ===
--- ZODB3/ZEO/auth/auth_plaintext.py:1.1.2.1	Tue Apr 29 16:02:54 2003
+++ ZODB3/ZEO/auth/auth_plaintext.py	Mon May 19 13:46:06 2003
@@ -20,14 +20,18 @@
 auth_srp module for a secure mechanism)"""
 
 import sha
-from ZEO.auth.storage import AuthZEOStorage
+import sys
 
-class StorageClass(AuthZEOStorage):
+from ZEO.StorageServer import ZEOStorage
+from ZEO.auth import register_module
+
+class StorageClass(ZEOStorage):
     def auth(self, username, password):
         try:
             dbpw = self.database.get_password(username)
         except LookupError:
             return 0
+        
         password = sha.new(password).hexdigest()
         return self.finish_auth(dbpw == password)
     
@@ -38,3 +42,5 @@
     def start(self, username, password):
         method = self.stub.extensionMethod('auth')
         return method(username, password)
+
+register_module('plaintext', StorageClass, Client)


=== ZODB3/ZEO/auth/auth_sha.py 1.1.2.1 => 1.1.2.2 ===
--- ZODB3/ZEO/auth/auth_sha.py:1.1.2.1	Tue Apr 29 16:02:54 2003
+++ ZODB3/ZEO/auth/auth_sha.py	Mon May 19 13:46:06 2003
@@ -21,9 +21,9 @@
 
 import sha
 
-from ZEO.auth.storage import AuthZEOStorage
+from ZEO.StorageServer import ZEOStorage
 
-class StorageClass(AuthZEOStorage):
+class StorageClass(ZEOStorage):
     def auth(self, username, password):
         try:
             dbpw = self.database.get_password(username)


=== ZODB3/ZEO/auth/hmac.py 1.1.2.1 => 1.1.2.2 ===
--- ZODB3/ZEO/auth/hmac.py:1.1.2.1	Tue Apr 29 16:02:54 2003
+++ ZODB3/ZEO/auth/hmac.py	Mon May 19 13:46:06 2003
@@ -1,56 +1,99 @@
-##############################################################################
-#
-# Copyright (c) 2003 Zope Corporation and Contributors.
-# All Rights Reserved.
-#
-# This software is subject to the provisions of the Zope Public License,
-# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
-# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
-# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
-# FOR A PARTICULAR PURPOSE
-#
-##############################################################################
-"""HMAC -- keyed hashing for message authentication, as described in rfc2104.
-
-Author: Tom Holroyd <tomh at kurage.nimh.nih.gov>
-Part of the SRPSocket package: 
-http://members.tripod.com/professor_tom/archives/srpsocket.html
-"""
-
-import sha
-
-BLEN = 64
-ipad = map(ord, "\x36" * BLEN)
-opad = map(ord, "\x5C" * BLEN)
-
-def hash(s):
-    return sha.new(s).digest()
-
-def hmac(key, text):
-    """Given strings 'key' and 'text', produce an HMAC digest."""
+"""HMAC (Keyed-Hashing for Message Authentication) Python module.
 
-    # If the key is longer than BLEN, hash it first.  The result must
-    # be less than BLEN bytes.  This depends on the hash function used;
-    # sha1 and md5 are both OK.
-
-    l = len(key)
-    if l > BLEN:
-        key = hash(key)
-        l = len(key)
-
-    # Pad the key with zeros to BLEN bytes.
-
-    key = key + '\0' * (BLEN - l)
-    key = map(ord, key)
-
-    # Now compute the HMAC.
+Implements the HMAC algorithm as described by RFC 2104.
+"""
 
-    l = map(lambda x, y: x ^ y, key, ipad)
-    s = reduce(lambda x, y: x + chr(y), l, '')
-    s = hash(s + text)
-    l = map(lambda x, y: x ^ y, key, opad)
-    t = reduce(lambda x, y: x + chr(y), l, '')
-    s = hash(t + s)
+import string
 
-    return s
+def _strxor(s1, s2):
+    """Utility method. XOR the two strings s1 and s2 (must have same length).
+    """
+    return "".join(map(lambda x, y: chr(ord(x) ^ ord(y)), s1, s2))
+
+# The size of the digests returned by HMAC depends on the underlying
+# hashing module used.
+digest_size = None
+
+class HMAC:
+    """RFC2104 HMAC class.
+
+    This supports the API for Cryptographic Hash Functions (PEP 247).
+    """
+
+    def __init__(self, key, msg = None, digestmod = None):
+        """Create a new HMAC object.
+
+        key:       key for the keyed hash object.
+        msg:       Initial input for the hash, if provided.
+        digestmod: A module supporting PEP 247. Defaults to the md5 module.
+        """
+        if digestmod == None:
+            import md5
+            digestmod = md5
+
+        self.digestmod = digestmod
+        self.outer = digestmod.new()
+        self.inner = digestmod.new()
+        self.digest_size = digestmod.digest_size
+
+        blocksize = 64
+        ipad = "\x36" * blocksize
+        opad = "\x5C" * blocksize
+
+        if len(key) > blocksize:
+            key = digestmod.new(key).digest()
+
+        key = key + chr(0) * (blocksize - len(key))
+        self.outer.update(_strxor(key, opad))
+        self.inner.update(_strxor(key, ipad))
+        if (msg):
+            self.update(msg)
+
+##    def clear(self):
+##        raise NotImplementedError, "clear() method not available in HMAC."
+
+    def update(self, msg):
+        """Update this hashing object with the string msg.
+        """
+        self.inner.update(msg)
+
+    def copy(self):
+        """Return a separate copy of this hashing object.
+
+        An update to this copy won't affect the original object.
+        """
+        other = HMAC("")
+        other.digestmod = self.digestmod
+        other.inner = self.inner.copy()
+        other.outer = self.outer.copy()
+        return other
+
+    def digest(self):
+        """Return the hash value of this hashing object.
+
+        This returns a string containing 8-bit data.  The object is
+        not altered in any way by this function; you can continue
+        updating the object after calling this function.
+        """
+        h = self.outer.copy()
+        h.update(self.inner.digest())
+        return h.digest()
+
+    def hexdigest(self):
+        """Like digest(), but returns a string of hexadecimal digits instead.
+        """
+        return "".join([string.zfill(hex(ord(x))[2:], 2)
+                        for x in tuple(self.digest())])
+
+def new(key, msg = None, digestmod = None):
+    """Create a new hashing object and return it.
+
+    key: The starting key for the hash.
+    msg: if available, will immediately be hashed into the object's starting
+    state.
+
+    You can now feed arbitrary strings into the object using its update()
+    method, and can ask for the hash value at any time by calling its digest()
+    method.
+    """
+    return HMAC(key, msg, digestmod)

=== Removed File ZODB3/ZEO/auth/storage.py ===




More information about the Zodb-checkins mailing list